Blog Post

Shellshock vulnerability

🗓 September 27, 2014 :: 🕑 1 min read :: 👏 0 💬 0

On 24th Sept 2014, a bash vulnerability, now known as ShellShock was disclosed. The vulnerability allowed attackers to execute arbitrary code by passing strings against environment variables.

This is affecting all unix based systems with bash version between 1.14 and 4.3.

Checking System Vulnerability

env VAR='() { :;}; echo Bash is unsafe!' bash -c "echo Test Complete"

Fix

An incomplete fix is currently available but a complete fix is in the pipeline as we speak.

Whether its a complete fix or not update your bash now!

# debian sudo apt-get update && sudo apt-get install --only-upgrade bash
Ben Shi

On 24th Sept 2014, a bash vulnerability, now known as ShellShock was disclosed. The vulnerability allowed attackers to execute arbitrary…

https://hbish.com/shellshock-vulnerability/


Fetching Replies...